Assessor Resource

ICTCLD506
Implement virtual network in cloud environments

Assessment tool

Version 1.0
Issue Date: June 2024


This unit describes the skills and knowledge required to design and configure a virtual network according to networking requirements for a multi-tiered application on a cloud platform.

The unit applies to cloud engineers, cloud systems administrators and those who work within cloud computing operations to program, implement and maintain cloud computing solutions to support a business.

No licensing, legislative or certification requirements apply to this unit at the time of publication.

You may want to include more information here about the target group and the purpose of the assessments (eg formative, summative, recognition)


Evidence Required

List the assessment methods to be used and the context and resources required for assessment. Copy and paste the relevant sections from the evidence guide below and then re-write these in plain English.

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, and to:

design and deploy virtual network to support a multi-tier application in a cloud environment

modify at least one network configuration to peer with another virtual network.

In the course of the above, the candidate must:

enable security controls and confirm that controls accurately affect network traffic as required

use cloud management console, cloud software development kits or command line tools

create user documentation.

The candidate must demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit. This includes knowledge of:

industry technology standards used in cloud computing solutions and services

industry standard hardware and software products, their general features, capabilities and application, including storage technology

roles and principles of virtual networks in cloud environments

uses and purpose of routing, routing targets, subnets, networking security controls, virtual private network (VPN) and IP address ranges

uses of technology to connect to resources within a virtual network, including secure shell (SSH), virtual private network (VPN) and peering

uses and differences between:

public and private subnets

networking gateways

routing targets

network security controls

testing and debugging techniques

methodology and techniques to collect and analyse network traffic metrics and traffic logs.

Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions are typical of those in a working environment in this industry.

This includes access to:

cloud vendor service provider

information and data sources required to design and implement cloud infrastructure

specific requirements and industry standards, organisational procedures and legislative requirements, including business and functionality requirements, as required

internet and web browser

secure shell (SSH) or remote desktop protocol (RDP) client to connect to cloud-hosted instances

data to gather information from to determine output and user requirements, including user access and business protocols.

Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.

Submission Requirements

List each assessment task's title, type (eg project, observation/demonstration, essay, assingnment, checklist) and due date here

Assessment task 1: [title]      Due date:

(add new lines for each of the assessment tasks)

Assessment Tasks

Copy and paste from the following data to produce each assessment task. Write these in plain English and spell out how, when and where the task is to be carried out, under what conditions, and what resources are needed. Include guidelines about how well the candidate has to perform a task for it to be judged satisfactory.

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, and to:

design and deploy virtual network to support a multi-tier application in a cloud environment

modify at least one network configuration to peer with another virtual network.

In the course of the above, the candidate must:

enable security controls and confirm that controls accurately affect network traffic as required

use cloud management console, cloud software development kits or command line tools

create user documentation.

The candidate must demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit. This includes knowledge of:

industry technology standards used in cloud computing solutions and services

industry standard hardware and software products, their general features, capabilities and application, including storage technology

roles and principles of virtual networks in cloud environments

uses and purpose of routing, routing targets, subnets, networking security controls, virtual private network (VPN) and IP address ranges

uses of technology to connect to resources within a virtual network, including secure shell (SSH), virtual private network (VPN) and peering

uses and differences between:

public and private subnets

networking gateways

routing targets

network security controls

testing and debugging techniques

methodology and techniques to collect and analyse network traffic metrics and traffic logs.

Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions are typical of those in a working environment in this industry.

This includes access to:

cloud vendor service provider

information and data sources required to design and implement cloud infrastructure

specific requirements and industry standards, organisational procedures and legislative requirements, including business and functionality requirements, as required

internet and web browser

secure shell (SSH) or remote desktop protocol (RDP) client to connect to cloud-hosted instances

data to gather information from to determine output and user requirements, including user access and business protocols.

Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.
Copy and paste from the following performance criteria to create an observation checklist for each task. When you have finished writing your assessment tool every one of these must have been addressed, preferably several times in a variety of contexts. To ensure this occurs download the assessment matrix for the unit; enter each assessment task as a column header and place check marks against each performance criteria that task addresses.

Observation Checklist

Tasks to be observed according to workplace/college/TAFE policy and procedures, relevant legislation and Codes of Practice Yes No Comments/feedback
Gather multi-tier application networking requirements according to business needs 
Identify business and industry requirements for virtual network in cloud environment 
Research and identify available security options for virtual network 
Design virtual network according to networking and business requirements for a multi-tier application 
Allocate virtual network and subnets for documented IP ranges 
Enable network gateways and its service as required 
Configure route tables and routing targets as required 
Configure security controls to support test environment 
Check expected network traffic is permitted into, through and out of virtual network 
Collect and monitor network traffic logs and metrics 
Test external connectivity to a resource within virtual network and demonstrate only permitted traffic reaches the resource 
Troubleshoot and fix errors as required 
Establish peering connection between two virtual networks 
Adjust routing tables to direct traffic between both networks 
Demonstrate network connectivity between hosts in each network 
Test and troubleshoot network peering configuration 
Document work, including a network diagram, and submit to required personnel as required 
Obtain final task sign off from required personnel as required 

Forms

Assessment Cover Sheet

ICTCLD506 - Implement virtual network in cloud environments
Assessment task 1: [title]

Student name:

Student ID:

I declare that the assessment tasks submitted for this unit are my own work.

Student signature:

Result: Competent Not yet competent

Feedback to student

 

 

 

 

 

 

 

 

Assessor name:

Signature:

Date:

Assessment Record Sheet

ICTCLD506 - Implement virtual network in cloud environments

Student name:

Student ID:

Assessment task 1: [title] Result: Competent Not yet competent

(add lines for each task)

Feedback to student:

 

 

 

 

 

 

 

 

Overall assessment result: Competent Not yet competent

Assessor name:

Signature:

Date:

Student signature:

Date: